1. Field of the Invention
This invention relates to a method and apparatus for providing local data persistence for Web applications.
2. Description of the Related Art
Applications based upon markup languages such as HTML (Hypertext Markup Language) are notoriously well known in the art. In a typical configuration, a user at a client node accesses an HTML document at a server node by having an HTML client application at the client node issue a request to an HTML server application at the server node. Upon receiving such a request, the HTML server at the server node retrieves the requested document and transmits it to the HTML client at the client node. Typically, the client application is a Web browser on the user's personal workstation, while the server application is a Web server at a distant node. Typically, too, the client and the server communicate with each other over a network such as the Internet using a communication protocol such as Transmission Control Protocol/Internet Protocol (TCP/IP). In addition to containing text or graphics for display, an HTML document may contain areas for entry of data by the user, ultimately to be processed on either the client or the server.
A Web application (i.e., an HTML page containing functionality for user data entry) containing potentially secure information needs data persistence to avoid losing the user's data between invocations. One current industry solution for retaining data is JavaScript “cookies”, defined in Teach Yourself Java Script in a Week (copyright 1996 by Sam.net Publishing) as “a method of storing information locally in the browser and sending it to the server whenever the appropriate pages are requested by the user”. Cookies, however, have significant limitations for Web applications that must store data on the client side. Cookies are limited in size (4096 bytes) and the number of entries per domain (20 per cookie file). Also, cookies are not secure because other sites access the same cookie file.
A typical industry solution to storing potentially large amounts of potentially secure data is to use a Common Gateway Interface (CGI) on the server and store the data on a database maintained by the server. This has limitations and complications. The Web site administrator must maintain a list of usernames and passwords to provide security to the individual files. If Secure Sockets Layer (SSL) is not implemented, this is not a very secure method because the data must be transported across the Web while not encrypted.
Another approach (for Microsoft Internet Explorer only) has been a behavior called “userData”. This is a function that can save the data in a proprietary format on the computer for retrieval at a later date. However, this solution has several pitfalls. The data is no longer portable, since if the user saves a page on his or her work computer, he or she cannot transport this data to a home computer for later retrieval. Also, this approach is limited to use with the Microsoft Internet Explorer 5.x Web browser, and cannot be used with other browsers such as Netscape Navigator.